Network WLAN AP-NIPR Platform STIG Version Comparison

There are 2 differences between versions v7 r1 (July 23, 2021) (the "left" version) and v7 r3 (April 27, 2023) (the "right" version).

Check WLAN-NW-000300 was changed between these two versions. Green, underlined text was added, red, struck-out text was removed.

The regular view of the left check and right check may be easier to read.

Title

The WLAN inactive inactive/idle session timeout must be set for 30 minutes or less.

Check Content

1. Review the relevant configuration screen of the WLAN controller or access point. 2. Verify the inactive/idle session timeout setting is set for 30 minutes or less. If this the inactive/idle session timeout is not set to 30 minutes or less for the entire WLAN WLAN, or the WLAN does not have the capability to enable the session timeout feature, this is a finding.

Discussion

A WLAN session that never terminates due to inactivity may allow an opening for an adversary to highjack the session to obtain access to the network.

Fix

Set the WLAN inactive inactive/idle session timeout to 30 minutes or less.